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Claim Objections 

1 . Claims 1-5, 26, and 33 are objected to because of the following informalities: in 
claim 1 and 25, lines 3 and 6 the term "upon initial deployment" should be -upon the 
initial deployment-; in claim 1 , line 1 1 and 13 the term "zone of preapproved host" 
should be -zone of the preapproved host-; in claim 2-3, lines 2 the term "prior to initial 
deployment" should be -prior to the initial deployment-; in claim 5, line 3-4 the term 
"upon initial deployment" should be -upon the initial deployment-; in claim 26, line 1 1 
and 14 the term "of preapproved host" should be -of the preapproved hosts-; in claim 
33, line 5 the term "of preapproved hosts" should be -of the preapproved hosts-. 
Appropriate correction is required. 

Dependent claims 2-25, 27-48 are also objected as they are depending upon 
claim 1 

Claim Rejections - 35 USC § 102 

2. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
states. 

3. Claims 1-4, 8-19, 22-29, 33-44, 47-52, 56-67 and 70 are rejected under 35 
U.S.C. 102(b) as being anticipated by Freund (US 5.987,61 1). 

Regarding claims 1, 26 and 49, Freund discloses a method for controlling 

connections to a compute upon its initial deployment of the computer, applying a pre- 
configured security policy that establishes a restricted zone of pre-approved host that 
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the computer may connect to upon its initial deployment; receiving a request for a 
connection from the compute to a particular host (col. 15, lines 14-16); based on said 
pre-configured security policy, determining whether the particular host is within the 
restricted zone of pre-approved host (col. 15, lines 26-34; col. 16, lines 1-3); and 
blocking said connection if said particular host is not within the restricted zone of pre- 
approved host (col, 19, lines 61-66; col. 4 lines 1-4). 

Regarding claims 3 and 28 Freund discloses the method wherein the computer 
comprises a portable computer and initial deployment includes establishing Internet 
connectivity (col. 15, lines 14-16). 

Regarding claims 4 and 29, Freund discloses the method wherein the restricted 
zone comprises a pre-access restricted zone specifically for a new machine (col. 26, 
lines 60-64; col. 23, line 2-3). 

Regarding claims 8, 33 and 56, Freund discloses the method wherein said 
blocking step includes, instructing a firewall, which is responsive to said preconfigured 
security policy, to block connections to any host that is not within the restricted zone of 
the pre-approved hosts (col. 12, lines 61-64). 

Regarding claims 9-12, 22, 47, 34-37, 57-60 and 70, Freund discloses the 
method wherein the pre-approved hosts comprise specific security-relevant sites; (the 
limitation of the specific sites include antivirus, firewall and end point security websites 
is implicitly disclosed within the prior art, as the rules can be set to block or allow 
whatever site the administrator or user need to block or allow (col. 23, lines 66-67; col. 
24. lines 1-5)). 
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Regarding claims 13, 38 and 61, Freund discloses the method wherein other 
attempted connections to the computer are refused (col. 25, lines 1-13; coL 14, lines 13- 
22; col. 19. lines 57-60). 

Regarding claims 14-15, 39-40 and 62-63, Freund discloses the method further 
comprising upon the computer completing updating of security sub-systems, removing 
the restricted zone so that the computer may connect to other machines (the prior art 
discloses a system with pre-existing rules that can be updated to include as well as 
exclude host that the system may connect to (col. 24, lines 40-44; col. 26. lines 18-42; 

* 

col. 27. lines 25-32; col. 25. lines 22-30)). 

Regarding claims 16, 41 and 64, Freund discloses the method wherein the 
preconfigured security policy is preinstalled on the computer prior to user purchase (the 
prior art discloses a system with a pre-defined or pre-package access right which meets 
the limitation of preinstalled prior to purchase (col. 25, lines 3-10). 

Regarding claims 2, 17, 27, 42, and 65, Freund discloses the method wherein 
the computer includes a hard disk having a manufacturer-provided disk image, and 
wherein the manufacturer-provided disk image include preconfigured security policy (the 
prior art disclosed a pre-package security rules in the system and hard disk for storage, 
therefore it is a fact that the preconfigured image is stored in the hard disk (col. 25, lines 
3-10; col. 7, line 40). 

Regarding claims 18, 43 and 66, Freund discloses the method wherein the 
computer is not allowed to participate with general connectivity to the Internet until 
security-relevant updates have been performed (col. 22, lines 38-41). 
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Regarding claims 19, 44 and 67, Freund discloses the method further 
comprising providing an option that allows a user to override the preconfigured security 
policy (coL 27, lines 18-19). 

Regarding claims 23 and 48, Freund discloses the method further comprising 
upon first attempted connection of the computer downloading an updated list of hosts 
that the computer may initially connect to (col. 22, lines 20-31). 

Regarding claim 24, Freund discloses a computer-readable medium having 
processor-executable instructions for performing the method of claim 1 (col. 7, lines 39- 
41). 

Regarding claim 25, Freund discloses a downloadable set of processor- 
executable instructions for performing the method of claim 1 (col. 7, lines 39-41 ; col. 5, 
lines 25-26; col. 21, lines 29-37). 

Claim Rejections - 35 USC § 103 

4. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth In this Office action: 

(a) A patent may not be obtained though the invention Is not identically disclosed or described as set 
forth In section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

5. Claims 5-6, 30-31 and 53-54 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Freund (US 5.987,61 1) in view of Perkins et al. (US 2004/0187028 
A1). 

Regarding claims claim 5, 30 and 53, Freund discloses all the limitation of 
claims 5, except the method wherein said preconfigured security policy operates to 



Application/Control Number: 10/710,781 Page 6 

Art Unit: 2109 

prevent the computer from being remotely accessed by another computer upon initial 
deployment. The general concept of applying a policy rule to prevent remote access to 
a computer system is well known in the art as illustrated by Perkins, which discloses a 
firewall blocking remote access to a computer system (para. 0017, lines 7-9), therefore 
it would have been obvious for one of ordinary skill in the art at the time of the invention 
to modify Freund to include the use Perkins in order to protect the computer system 
from possible external threats. 

Regarding claims 6, 31 and 54, Freund discloses all the limitations of claim 6, 
except the method wherein said preconfigured security policy operates to prevent the 
computer from being remotely probed for vulnerabilities by other computers. The 
general concept of preventing a computer from being remotely probed for vulnerabilities 
is well known in the art as illustrated by Perkins, which discloses a firewall to block 
remote access from a computer system (para. 0017, lines 7-9). Therefore it would have 
been obvious for one of ordinary skill in the art at the time of the invention to modify 
Freund to include the use of Perkins in order to protect a computer system from being 
attack by an extemal computer. 

6. Claims 7, 32 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Freund (US 5,987,61 1) in view of Aroya (US 2004/0177274 A1) 

Regarding claims 7, 32 and 55, Freund discloses all the limitation of claim 7, 
except the method wherein said preconfigured security policy operates to prevent the 
computer from being infected by a malicious program delivered through an open port. 
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The general concept of preventing attacks from open port access is well known in the 
art as illustrated by Aroya, which discloses filtering and controlling port access as to 
reduce vulnerabilities to a computer system (para. 0006, lines 1-9). Therefore it would 
have been obvious for one of ordinary skill in the art at the time of the invention to 
modify Freund to include the use of Aroya in order to protect a computer system from 
being attack through open ports. 

7. Claim 20 is rejected under 35 U.S.C. 103(a) as being unpatentable over Freund 
(US 5,987,61 1 ) in view of Marchosky (US 2004/01 1 721 5 A1 ). 

Regarding claims 20-21, 45^6 and 68-69, Freund disclosed all the limitation of 
claim 20-21, except providing a warning to user and displaying a disclaimer to user. The 
general concept of providing a warning and displaying a disclaimer to user is well known 
in the art as illustrated by Marchosky, which discloses a warning is provided to a user 
and a disclaimer (para. 0188, lines 7-9). Therefore it would have been obvious for one 
of ordinary skill in the art at the time of the invention to modify Freund to include the use 
of providing a warning and disclaimer to a user in order to let user know of their 
responsibilities upon overriding security policy. 

Conclusion 

8. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Esteve Mede whose telephone number is 571-270- 
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1594. The examiner can normally be reached on Monday thru Friday, 8:30-5:00 PM, 
EST. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Frantz Jules can be reached on 571-272-6681 . The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



EsteveMede FRANTZ JULES 

em SUPERVISORY Ri^TENT EXAMINER 

04/30/2007 




